On 8/10/19 8:02 AM, Richard W.M. Jones wrote: > Previously nbd_set_tls had an integer argument which was 0 for > disable, 1 for allow and 2 for require. This commit adds a proper > enumerated type to describe this, defining LIBNBD_TLS_DISABLE = 0, > LIBNBD_TLS_ALLOW = 1 and LIBNBD_TLS_REQUIRE = 2. (Note the C API > doesn't change). > > In C the enumerated type is still defined and passed as an int (not as > an enum). While we could define an enum type for this, there are ABI > stability problems inherent in enums in C. > > In OCaml this is implemented as a variant type. > > There is no equivalent for returning an enum (eg. for nbd_get_tls). > We should add that later. It won't affect the C API but would change > the OCaml API. > --- > TODO | 2 - > generator/generator | 108 ++++++++++++++++++++++++++++++++++++++++++-- > 2 files changed, 104 insertions(+), 6 deletions(-) > > diff --git a/TODO b/TODO > index 65c95ee..8e067c0 100644 > --- a/TODO > +++ b/TODO > @@ -35,8 +35,6 @@ Suggested API improvements: > - nbd_connect_command: allow passing char **env > > TLS: > - - nbd_set_tls: either remove optiona (1/2) interface, or > - define symbols for it
Nice fix of a typo while at it :) > @@ -1029,12 +1045,12 @@ NBD server. The possible settings are: > > =over 4 > > -=item C<tls=0> > +=item C<LIBNBD_TLS_DISABLE> > > Disable TLS. (The default setting, unless using C<nbd_connect_uri> with > a URI that requires TLS) > > -=item C<tls=1> > +=item C<LIBNBD_TLS_ALLOW> > > Enable TLS if possible. In some cases this will fall back > to an unencrypted and/or unauthenticated connection if While touching this, we should also call out that this is a security risk if there is any possibility of a man-in-the-middle attack. Otherwise looks good. Should we also expose an enum type for the pread_structured callback function? -- Eric Blake, Principal Software Engineer Red Hat, Inc. +1-919-301-3226 Virtualization: qemu.org | libvirt.org
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Libguestfs mailing list [email protected] https://www.redhat.com/mailman/listinfo/libguestfs
